| Question.37 You have an Azure subscription that contains a virtual network named VNet1. VNet1 contains four subnets named Gateway, Perimeter, NVA, and Production. The NVA subnet contains two network virtual appliances (NVAs) that will perform network traffic inspection between the Perimeter subnet and the Production subnet. You need to implement an Azure load balancer for the NVAs. The solution must meet the following requirements: The NVAs must run in an active-active configuration that uses automatic failover. The load balancer must load balance traffic to two services on the Production subnet. The services have different IP addresses. Which three actions should you perform? (A) Deploy a basic load balancer (B) Deploy a standard load balancer (C) Add two load balancing rules that have HA Ports and Floating IP enabled (D) Add two load balancing rules that have HA Ports enabled and Floating IP disabled (E) Add a frontend IP configuration, a backend pool, and a health probe (F) Add a frontend IP configuration, two backend pools, and a health probe |
37. Click here to View Answer
B: Deploy a standard load balancer
HA ports need are not supported by a basic loadbalancer
C: Add two load balancing rules that have HA Ports and Floating IP enabled
You need a floating ip for the active-active configuration to switch over quickly
F: Add a frontend IP configuration, two backend pools, and a health probe
You need 2 backend pools for the 2 different services
A standard load balancer is required for the HA ports.
Two backend pools are needed as there are two services with different IP addresses.
Floating IP rule is used where backend ports are reused.
Incorrect Answers:
E: HA Ports are not available for the basic load balancer.
Reference:
https://docs.microsoft.com/en-us/azure/load-balancer/load-balancer-standard-overview
https://docs.microsoft.com/en-us/azure/load-balancer/load-balancer-multivip-overview
| Question.38 You have an Azure subscription named Subscription1 that contains two Azure virtual networks named VNet1 and VNet2. VNet1 contains a VPN gateway named VPNGW1 that uses static routing. There is a site-to-site VPN connection between your on-premises network and VNet1. On a computer named Client1 that runs Windows 10, you configure a point-to-site VPN connection to VNet1. You configure virtual network peering between VNet1 and VNet2. You verify that you can connect to VNet2 from the on-premises network. Client1 is unable to connect to VNet2. You need to ensure that you can connect Client1 to VNet2. What should you do? (A) Download and re-install the VPN client configuration package on Client1. (B) Select Allow gateway transit on VNet1. (C) Select Allow gateway transit on VNet2. (D) Enable BGP on VPNGW1 |
38. Click here to View Answer
Answer is (A) Download and re-install the VPN client configuration package on Client1.
If you make a change to the topology of your network and have Windows VPN clients, the VPN client package for Windows clients must be downloaded and installed again.
Reference:
https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-about-point-to-site-routing
| Question.39 You have an Azure web app named webapp1. You have a virtual network named VNET1 and an Azure virtual machine named VM1 that hosts a MySQL database. VM1 connects to VNET1. You need to ensure that webapp1 can access the data hosted on VM1. What should you do? (A) Deploy an internal load balancer (B) Peer VNET1 to another virtual network (C) Connect webapp1 to VNET1 (D) Deploy an Azure Application Gateway |
39. Click here to View Answer
Answer is (C) Connect webapp1 to VNET1
The VNet Integration feature has two variations:
– Regional VNet Integration: When you connect to Azure Resource Manager virtual networks in the same region, you must have a dedicated subnet in the VNet you’re integrating with.
– Gateway-required VNet Integration: When you connect to VNet in other regions or to a classic virtual network in the same region, you need an Azure Virtual Network gateway provisioned in the target VNet.
Note: If the VNet is in the same region, either create a new subnet or select an empty preexisting subnet.
The resources inside a VNet can communicate.
Reference:
https://docs.microsoft.com/en-us/azure/app-service/web-sites-integrate-with-vnet
| Question.40 You have five Azure virtual machines that run Windows Server 2016. The virtual machines are configured as web servers. You have an Azure load balancer named LB1 that provides load balancing services for the virtual machines. You need to ensure that visitors are serviced by the same web server for each request. What should you configure? (A) Floating IP (direct server return) to Disabled (B) Session persistence to None (C) Protocol to UDP (D) Session persistence to Client IP |
40. Click here to View Answer
Answer is (D) Session persistence to Client IP
With Sticky Sessions when a client starts a session on one of your web servers, session stays on that specific server. To configure An Azure Load-Balancer For Sticky Sessions set Session persistence to Client IP or to Client IP and protocol.
Note:
– Client IP and protocol specifies that successive requests from the same client IP address and protocol combination will be handled by the same virtual machine.
– Client IP specifies that successive requests from the same client IP address will be handled by the same virtual machine.
Reference:
https://cloudopszone.com/configure-azure-load-balancer-for-sticky-sessions/